Site icon MacTech.com

Sudo flaw offers potential (if unlikely) OS X security risk

A Metasploit report (http://www.metasploit.com), as noted by “The MacObserver” (http://tinyurl.com/pe3smcx), says that a security flaw in the command line tool sudo in Mac OS X 10.7 and higher, as well as some Linux distributions, could give unauthorized root access to user’s computers. Metasploit is a company that a company that specializes in finding security issues and building utilities to point them out.

To take advantage of the exploit, an attacker needs to already have an administrator-level account on the Mac, physical or remote access to the machine, have already used the sudo command, and to set the system clock to January 1, 1970. The steps needed to exploit this particular issue make it unlikely most Mac users will become victims before a patch is available, notes “The MacObserver.”

Exit mobile version